claudekit-cli 1.2.0 → 1.2.2

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "claudekit-cli",
-	"version": "1.2.0",
+	"version": "1.2.2",
 	"description": "CLI tool for bootstrapping and updating ClaudeKit projects",
 	"type": "module",
 	"bin": {
@@ -33,6 +33,7 @@
 		"@octokit/rest": "^22.0.0",
 		"cac": "^6.7.14",
 		"cli-progress": "^3.12.0",
+		"extract-zip": "^2.0.1",
 		"fs-extra": "^11.2.0",
 		"ignore": "^5.3.2",
 		"keytar": "^7.9.0",
@@ -40,7 +41,6 @@
 		"picocolors": "^1.1.1",
 		"tar": "^7.4.3",
 		"tmp": "^0.2.3",
-		"unzipper": "^0.12.3",
 		"zod": "^3.23.8"
 	},
 	"devDependencies": {

package/src/commands/new.ts

@@ -1,6 +1,5 @@
 import { resolve } from "node:path";
 import { pathExists, readdir } from "fs-extra";
-import ora from "ora";
 import { AuthManager } from "../lib/auth.js";
 import { DownloadManager } from "../lib/download.js";
 import { GitHubClient } from "../lib/github.js";
@@ -9,6 +8,7 @@ import { PromptsManager } from "../lib/prompts.js";
 import { AVAILABLE_KITS, type NewCommandOptions, NewCommandOptionsSchema } from "../types.js";
 import { ConfigManager } from "../utils/config.js";
 import { logger } from "../utils/logger.js";
+import { createSpinner } from "../utils/safe-spinner.js";
 
 export async function newCommand(options: NewCommandOptions): Promise<void> {
 	const prompts = new PromptsManager();
@@ -59,7 +59,7 @@ export async function newCommand(options: NewCommandOptions): Promise<void> {
 		const github = new GitHubClient();
 
 		// Check repository access
-		const spinner = ora("Checking repository access...").start();
+		const spinner = createSpinner("Checking repository access...").start();
 		const hasAccess = await github.checkAccess(kitConfig);
 		if (!hasAccess) {
 			spinner.fail("Access denied to repository");
@@ -132,6 +132,9 @@ export async function newCommand(options: NewCommandOptions): Promise<void> {
 		const extractDir = `${tempDir}/extracted`;
 		await downloadManager.extractArchive(archivePath, extractDir);
 
+		// Validate extraction
+		await downloadManager.validateExtraction(extractDir);
+
 		// Copy files to target directory
 		const merger = new FileMerger();
 		await merger.merge(extractDir, resolvedDir, true); // Skip confirmation for new projects

package/src/commands/update.ts

@@ -1,6 +1,5 @@
 import { resolve } from "node:path";
 import { pathExists } from "fs-extra";
-import ora from "ora";
 import { AuthManager } from "../lib/auth.js";
 import { DownloadManager } from "../lib/download.js";
 import { GitHubClient } from "../lib/github.js";
@@ -10,6 +9,7 @@ import { AVAILABLE_KITS, type UpdateCommandOptions, UpdateCommandOptionsSchema }
 import { ConfigManager } from "../utils/config.js";
 import { FileScanner } from "../utils/file-scanner.js";
 import { logger } from "../utils/logger.js";
+import { createSpinner } from "../utils/safe-spinner.js";
 
 export async function updateCommand(options: UpdateCommandOptions): Promise<void> {
 	const prompts = new PromptsManager();
@@ -52,7 +52,7 @@ export async function updateCommand(options: UpdateCommandOptions): Promise<void
 		const github = new GitHubClient();
 
 		// Check repository access
-		const spinner = ora("Checking repository access...").start();
+		const spinner = createSpinner("Checking repository access...").start();
 		const hasAccess = await github.checkAccess(kitConfig);
 		if (!hasAccess) {
 			spinner.fail("Access denied to repository");
@@ -125,6 +125,9 @@ export async function updateCommand(options: UpdateCommandOptions): Promise<void
 		const extractDir = `${tempDir}/extracted`;
 		await downloadManager.extractArchive(archivePath, extractDir);
 
+		// Validate extraction
+		await downloadManager.validateExtraction(extractDir);
+
 		// Identify custom .claude files to preserve
 		logger.info("Scanning for custom .claude files...");
 		const customClaudeFiles = await FileScanner.findCustomFiles(resolvedDir, extractDir, ".claude");

package/src/lib/download.ts

@@ -1,14 +1,11 @@
-import { createReadStream, createWriteStream } from "node:fs";
+import { createWriteStream } from "node:fs";
 import { mkdir } from "node:fs/promises";
 import { tmpdir } from "node:os";
 import { join } from "node:path";
-import { pipeline } from "node:stream";
-import { promisify } from "node:util";
 import cliProgress from "cli-progress";
+import extractZip from "extract-zip";
 import ignore from "ignore";
-import ora from "ora";
 import * as tar from "tar";
-import unzipper from "unzipper";
 import {
 	type ArchiveType,
 	DownloadError,
@@ -16,8 +13,7 @@ import {
 	type GitHubReleaseAsset,
 } from "../types.js";
 import { logger } from "../utils/logger.js";
-
-const streamPipeline = promisify(pipeline);
+import { createSpinner } from "../utils/safe-spinner.js";
 
 export class DownloadManager {
 	/**
@@ -55,11 +51,11 @@ export class DownloadManager {
 
 			logger.info(`Downloading ${asset.name} (${this.formatBytes(asset.size)})...`);
 
-			// Create progress bar
+			// Create progress bar with simple ASCII characters
 			const progressBar = new cliProgress.SingleBar({
 				format: "Progress |{bar}| {percentage}% | {value}/{total} MB",
-				barCompleteChar: "\u2588",
-				barIncompleteChar: "\u2591",
+				barCompleteChar: "=",
+				barIncompleteChar: "-",
 				hideCursor: true,
 			});
 
@@ -137,7 +133,9 @@ export class DownloadManager {
 		// Add authentication for GitHub API URLs
 		if (token && url.includes("api.github.com")) {
 			headers.Authorization = `Bearer ${token}`;
-			headers.Accept = "application/vnd.github+json";
+			// Use application/octet-stream for asset downloads (not vnd.github+json)
+			headers.Accept = "application/octet-stream";
+			headers["X-GitHub-Api-Version"] = "2022-11-28";
 		} else {
 			headers.Accept = "application/octet-stream";
 		}
@@ -151,13 +149,13 @@ export class DownloadManager {
 		const totalSize = size || Number(response.headers.get("content-length")) || 0;
 		let downloadedSize = 0;
 
-		// Create progress bar only if we know the size
+		// Create progress bar only if we know the size (using simple ASCII characters)
 		const progressBar =
 			totalSize > 0
 				? new cliProgress.SingleBar({
 						format: "Progress |{bar}| {percentage}% | {value}/{total} MB",
-						barCompleteChar: "\u2588",
-						barIncompleteChar: "\u2591",
+						barCompleteChar: "=",
+						barIncompleteChar: "-",
 						hideCursor: true,
 					})
 				: null;
@@ -207,7 +205,7 @@ export class DownloadManager {
 		destDir: string,
 		archiveType?: ArchiveType,
 	): Promise<void> {
-		const spinner = ora("Extracting files...").start();
+		const spinner = createSpinner("Extracting files...").start();
 
 		try {
 			// Detect archive type from filename if not provided
@@ -237,19 +235,95 @@ export class DownloadManager {
 	 * Extract tar.gz archive
 	 */
 	private async extractTarGz(archivePath: string, destDir: string): Promise<void> {
-		await tar.extract({
-			file: archivePath,
-			cwd: destDir,
-			strip: 1, // Strip the root directory from the archive
-			filter: (path: string) => {
-				// Exclude unwanted files
-				const shouldInclude = !this.shouldExclude(path);
-				if (!shouldInclude) {
-					logger.debug(`Excluding: ${path}`);
+		const { readdir, stat, mkdir: mkdirPromise, copyFile, rm } = await import("node:fs/promises");
+		const { join: pathJoin } = await import("node:path");
+
+		// Extract to a temporary directory first
+		const tempExtractDir = `${destDir}-temp`;
+		await mkdirPromise(tempExtractDir, { recursive: true });
+
+		try {
+			// Extract without stripping first
+			await tar.extract({
+				file: archivePath,
+				cwd: tempExtractDir,
+				strip: 0, // Don't strip yet - we'll decide based on wrapper detection
+				filter: (path: string) => {
+					// Exclude unwanted files
+					const shouldInclude = !this.shouldExclude(path);
+					if (!shouldInclude) {
+						logger.debug(`Excluding: ${path}`);
+					}
+					return shouldInclude;
+				},
+			});
+
+			logger.debug(`Extracted TAR.GZ to temp: ${tempExtractDir}`);
+
+			// Apply same wrapper detection logic as zip
+			const entries = await readdir(tempExtractDir);
+			logger.debug(`Root entries: ${entries.join(", ")}`);
+
+			if (entries.length === 1) {
+				const rootEntry = entries[0];
+				const rootPath = pathJoin(tempExtractDir, rootEntry);
+				const rootStat = await stat(rootPath);
+
+				if (rootStat.isDirectory()) {
+					// Check contents of root directory
+					const rootContents = await readdir(rootPath);
+					logger.debug(`Root directory '${rootEntry}' contains: ${rootContents.join(", ")}`);
+
+					// Only strip if root is a version/release wrapper
+					const isWrapper = this.isWrapperDirectory(rootEntry);
+					logger.debug(`Is wrapper directory: ${isWrapper}`);
+
+					if (isWrapper) {
+						// Strip wrapper and move contents
+						logger.debug(`Stripping wrapper directory: ${rootEntry}`);
+						await this.moveDirectoryContents(rootPath, destDir);
+					} else {
+						// Keep root directory - move everything including root
+						logger.debug("Preserving complete directory structure");
+						await this.moveDirectoryContents(tempExtractDir, destDir);
+					}
+				} else {
+					// Single file, just move it
+					await mkdirPromise(destDir, { recursive: true });
+					await copyFile(rootPath, pathJoin(destDir, rootEntry));
 				}
-				return shouldInclude;
-			},
-		});
+			} else {
+				// Multiple entries at root, move them all
+				logger.debug("Multiple root entries - moving all");
+				await this.moveDirectoryContents(tempExtractDir, destDir);
+			}
+
+			logger.debug(`Moved contents to: ${destDir}`);
+
+			// Clean up temp directory
+			await rm(tempExtractDir, { recursive: true, force: true });
+		} catch (error) {
+			// Clean up temp directory on error
+			try {
+				await rm(tempExtractDir, { recursive: true, force: true });
+			} catch {
+				// Ignore cleanup errors
+			}
+			throw error;
+		}
+	}
+
+	/**
+	 * Check if directory name is a version/release wrapper
+	 * Examples: claudekit-engineer-v1.0.0, claudekit-engineer-1.0.0, repo-abc1234
+	 */
+	private isWrapperDirectory(dirName: string): boolean {
+		// Match version patterns: project-v1.0.0, project-1.0.0
+		const versionPattern = /^[\w-]+-v?\d+\.\d+\.\d+/;
+		// Match commit hash patterns: project-abc1234
+		const hashPattern = /^[\w-]+-[a-f0-9]{7,}$/;
+
+		return versionPattern.test(dirName) || hashPattern.test(dirName);
 	}
 
 	/**
@@ -264,24 +338,39 @@ export class DownloadManager {
 		await mkdirPromise(tempExtractDir, { recursive: true });
 
 		try {
-			// Extract zip to temp directory
-			await streamPipeline(
-				createReadStream(archivePath),
-				unzipper.Extract({ path: tempExtractDir }),
-			);
+			// Extract zip to temp directory using extract-zip
+			await extractZip(archivePath, { dir: tempExtractDir });
+
+			logger.debug(`Extracted ZIP to temp: ${tempExtractDir}`);
 
 			// Find the root directory in the zip (if any)
 			const entries = await readdir(tempExtractDir);
+			logger.debug(`Root entries: ${entries.join(", ")}`);
 
-			// If there's a single root directory, strip it
+			// If there's a single root directory, check if it's a wrapper
 			if (entries.length === 1) {
 				const rootEntry = entries[0];
 				const rootPath = pathJoin(tempExtractDir, rootEntry);
 				const rootStat = await stat(rootPath);
 
 				if (rootStat.isDirectory()) {
-					// Move contents from the root directory to the destination
-					await this.moveDirectoryContents(rootPath, destDir);
+					// Check contents of root directory
+					const rootContents = await readdir(rootPath);
+					logger.debug(`Root directory '${rootEntry}' contains: ${rootContents.join(", ")}`);
+
+					// Only strip if root is a version/release wrapper
+					const isWrapper = this.isWrapperDirectory(rootEntry);
+					logger.debug(`Is wrapper directory: ${isWrapper}`);
+
+					if (isWrapper) {
+						// Strip wrapper and move contents
+						logger.debug(`Stripping wrapper directory: ${rootEntry}`);
+						await this.moveDirectoryContents(rootPath, destDir);
+					} else {
+						// Keep root directory - move everything including root
+						logger.debug("Preserving complete directory structure");
+						await this.moveDirectoryContents(tempExtractDir, destDir);
+					}
 				} else {
 					// Single file, just move it
 					await mkdirPromise(destDir, { recursive: true });
@@ -289,9 +378,12 @@ export class DownloadManager {
 				}
 			} else {
 				// Multiple entries at root, move them all
+				logger.debug("Multiple root entries - moving all");
 				await this.moveDirectoryContents(tempExtractDir, destDir);
 			}
 
+			logger.debug(`Moved contents to: ${destDir}`);
+
 			// Clean up temp directory
 			await rm(tempExtractDir, { recursive: true, force: true });
 		} catch (error) {
@@ -386,6 +478,44 @@ export class DownloadManager {
 		throw new ExtractionError(`Cannot detect archive type from filename: ${filename}`);
 	}
 
+	/**
+	 * Validate extraction results
+	 */
+	async validateExtraction(extractDir: string): Promise<boolean> {
+		const { readdir, access } = await import("node:fs/promises");
+		const { join: pathJoin } = await import("node:path");
+		const { constants } = await import("node:fs");
+
+		try {
+			// Check if extract directory exists and is not empty
+			const entries = await readdir(extractDir);
+			logger.debug(`Extracted files: ${entries.join(", ")}`);
+
+			if (entries.length === 0) {
+				logger.warning("Extraction resulted in no files");
+				return false;
+			}
+
+			// Verify critical paths exist
+			const criticalPaths = [".claude", "CLAUDE.md"];
+			for (const path of criticalPaths) {
+				try {
+					await access(pathJoin(extractDir, path), constants.F_OK);
+					logger.debug(`✓ Found: ${path}`);
+				} catch {
+					logger.warning(`Expected path not found: ${path}`);
+				}
+			}
+
+			return true;
+		} catch (error) {
+			logger.error(
+				`Validation failed: ${error instanceof Error ? error.message : "Unknown error"}`,
+			);
+			return false;
+		}
+	}
+
 	/**
 	 * Create temporary download directory
 	 */

package/src/lib/github.ts

@@ -159,7 +159,7 @@ export class GitHubClient {
 	 * Get downloadable asset or source code URL from release
 	 * Priority:
 	 * 1. "ClaudeKit Engineer Package" or "ClaudeKit Marketing Package" zip file
-	 * 2. Other custom uploaded assets (.tar.gz, .tgz, .zip)
+	 * 2. Other custom uploaded assets (.tar.gz, .tgz, .zip) excluding "Source code" archives
 	 * 3. GitHub's automatic tarball URL
 	 */
 	static getDownloadableAsset(release: GitHubRelease): {
@@ -168,41 +168,58 @@ export class GitHubClient {
 		name: string;
 		size?: number;
 	} {
+		// Log all available assets for debugging
+		logger.debug(`Available assets for ${release.tag_name}:`);
+		if (release.assets.length === 0) {
+			logger.debug("  No custom assets found");
+		} else {
+			release.assets.forEach((asset, index) => {
+				logger.debug(`  ${index + 1}. ${asset.name} (${(asset.size / 1024 / 1024).toFixed(2)} MB)`);
+			});
+		}
+
 		// First priority: Look for official ClaudeKit package assets
-		const packageAsset = release.assets.find(
-			(a) =>
-				a.name.toLowerCase().includes("claudekit") &&
-				a.name.toLowerCase().includes("package") &&
-				a.name.endsWith(".zip"),
-		);
+		const packageAsset = release.assets.find((a) => {
+			const nameLower = a.name.toLowerCase();
+			return (
+				nameLower.includes("claudekit") &&
+				nameLower.includes("package") &&
+				nameLower.endsWith(".zip")
+			);
+		});
 
 		if (packageAsset) {
-			logger.debug(`Using ClaudeKit package asset: ${packageAsset.name}`);
+			logger.debug(`✓ Selected ClaudeKit package asset: ${packageAsset.name}`);
 			return {
 				type: "asset",
-				url: packageAsset.browser_download_url,
+				url: packageAsset.url, // Use API endpoint for authenticated downloads
 				name: packageAsset.name,
 				size: packageAsset.size,
 			};
 		}
 
-		// Second priority: Look for any custom uploaded assets
+		logger.debug("⚠ No ClaudeKit package asset found, checking for other custom assets...");
+
+		// Second priority: Look for any custom uploaded assets (excluding GitHub's automatic source code archives)
 		const customAsset = release.assets.find(
-			(a) => a.name.endsWith(".tar.gz") || a.name.endsWith(".tgz") || a.name.endsWith(".zip"),
+			(a) =>
+				(a.name.endsWith(".tar.gz") || a.name.endsWith(".tgz") || a.name.endsWith(".zip")) &&
+				!a.name.toLowerCase().startsWith("source") &&
+				!a.name.toLowerCase().includes("source code"),
 		);
 
 		if (customAsset) {
-			logger.debug(`Using custom asset: ${customAsset.name}`);
+			logger.debug(`✓ Selected custom asset: ${customAsset.name}`);
 			return {
 				type: "asset",
-				url: customAsset.browser_download_url,
+				url: customAsset.url, // Use API endpoint for authenticated downloads
 				name: customAsset.name,
 				size: customAsset.size,
 			};
 		}
 
 		// Fall back to GitHub's automatic tarball
-		logger.debug("Using GitHub automatic tarball");
+		logger.debug("⚠ No custom assets found, falling back to GitHub automatic tarball");
 		return {
 			type: "tarball",
 			url: release.tarball_url,

package/src/types.ts

@@ -46,7 +46,8 @@ export type Config = z.infer<typeof ConfigSchema>;
 export const GitHubReleaseAssetSchema = z.object({
 	id: z.number(),
 	name: z.string(),
-	browser_download_url: z.string().url(),
+	url: z.string().url(), // API endpoint for authenticated downloads
+	browser_download_url: z.string().url(), // Direct download URL (public only)
 	size: z.number(),
 	content_type: z.string(),
 });

package/src/utils/logger.ts

@@ -4,9 +4,9 @@ import pc from "picocolors";
 // Use ASCII-safe symbols to avoid unicode rendering issues in certain terminals
 const symbols = {
 	info: "[i]",
-	success: "[✓]",
+	success: "[+]",
 	warning: "[!]",
-	error: "[✗]",
+	error: "[x]",
 };
 
 interface LogContext {

package/src/utils/safe-prompts.ts

@@ -1,53 +1,43 @@
-import * as clack from "@clack/prompts";
+import picocolors from "picocolors";
 
 /**
- * Safe wrapper around clack prompts that handles unicode rendering issues.
- * Sets up proper environment to minimize encoding problems.
+ * Safe wrapper around clack prompts that uses simple ASCII characters
+ * instead of unicode box drawing to avoid rendering issues.
  */
 
-// Store original methods
-const originalIntro = clack.intro;
-const originalOutro = clack.outro;
-const originalNote = clack.note;
-
 /**
- * Wrapped intro that handles encoding better
+ * Simple intro with ASCII characters
  */
 export function intro(message: string): void {
-	try {
-		originalIntro(message);
-	} catch {
-		// Fallback to simple console log if clack fails
-		console.log(`\n=== ${message} ===\n`);
-	}
+	console.log();
+	console.log(picocolors.cyan(`> ${message}`));
+	console.log();
 }
 
 /**
- * Wrapped outro that handles encoding better
+ * Simple outro with ASCII characters
  */
 export function outro(message: string): void {
-	try {
-		originalOutro(message);
-	} catch {
-		// Fallback to simple console log if clack fails
-		console.log(`\n=== ${message} ===\n`);
-	}
+	console.log();
+	console.log(picocolors.green(`[OK] ${message}`));
+	console.log();
 }
 
 /**
- * Wrapped note that handles encoding better
+ * Simple note with ASCII box drawing
  */
 export function note(message: string, title?: string): void {
-	try {
-		originalNote(message, title);
-	} catch {
-		// Fallback to simple console log if clack fails
-		if (title) {
-			console.log(`\n--- ${title} ---`);
-		}
-		console.log(message);
+	console.log();
+	if (title) {
+		console.log(picocolors.cyan(`  ${title}:`));
 		console.log();
 	}
+	// Split message into lines and indent each
+	const lines = message.split("\n");
+	for (const line of lines) {
+		console.log(`  ${line}`);
+	}
+	console.log();
 }
 
 // Re-export other clack functions unchanged

package/src/utils/safe-spinner.ts

@@ -0,0 +1,38 @@
+import ora, { type Ora, type Options } from "ora";
+
+/**
+ * Create a spinner with simple ASCII characters to avoid unicode rendering issues
+ */
+export function createSpinner(options: string | Options): Ora {
+	const spinnerOptions: Options = typeof options === "string" ? { text: options } : options;
+
+	const spinner = ora({
+		...spinnerOptions,
+		// Use simple ASCII spinner instead of unicode
+		spinner: "dots",
+		// Override symbols to use ASCII
+		prefixText: "",
+	});
+
+	// Override succeed and fail methods to use ASCII symbols
+	spinner.succeed = (text?: string) => {
+		spinner.stopAndPersist({
+			symbol: "[+]",
+			text: text || spinner.text,
+		});
+		return spinner;
+	};
+
+	spinner.fail = (text?: string) => {
+		spinner.stopAndPersist({
+			symbol: "[x]",
+			text: text || spinner.text,
+		});
+		return spinner;
+	};
+
+	return spinner;
+}
+
+// Re-export Ora type for convenience
+export type { Ora } from "ora";